<< 1 >>
Rating: 
Summary: Cyber Crime Investigator's Field Guide
Review: I found this book to be fantastic. Whether you are an experienced investigator of computer network security incidents (as I am for government/military/commercial organizations) or a neophyte just getting into the field of computer forensics, this book takes you through everything you need to know. The chapter on how the author handles an investigation in detail from start to finish is great. I'm applying what I learned there already. The coverage of forensic tools such as EnCase and tools from NTI is great. He gives me step by step information on how to use these tools, which I really need because you can't remember everything to do with all the tools I am involved with. The various reference sections on web sites, tool sites, attack signatures, etc. has been extremly useful for me and various organizations I work with. It's great to have the DOJ Search & Seizure Guidelines in the book. Sure, I can go out to the DOJ website and after some searching find them, but it is difficult to work through all the various links, I can't take notes there, make underlines, etc. It's really nice to have these and other guidelines in a handy written reference. This is one book that goes with me and my team members whenever we leave for a client site. It has just about everything we need for reference purposes. The author calls it a field guide and that is just what it is. I highly recommend this book. Very practical. I just hope the author is going to write another book...no doubt we will pick it up.
Rating: 
Summary: A few good chapters
Review: I was disappointed with the Cyber Crime Investigator's Field Guide. Half of the book (Appendix G) is simply a printout of the US Department of Justice Search and Seizure Guidelines. Although the guidelines are required reading, one should not have to pay for information that is available for free on the Department of Justice Web site. Chapter 6 of the book is a series of questions and answers on various subjects. The questions and answers are valuable, but the overly brief answers do not provide readers with the rationale behind the answers. The book is not without merit, though; Chapter 9, "Case Study," describes the general course of action a forensic examiner should take when involved in a computer investigation. The author details what he does in the course of a general forensic investigation -- from the time he gets the call, to his ride from the airport to the client site, to the on-site pre-briefing, and beyond.
Rating: 
Summary: Author should be a Tech Rep
Review: I've definately read better computer forensics books. 90% of the applications that the author recommends and describes how to use are not downloadable and cannot be purchased in a software store! All the links point to a 'contact a sales agent today!' This makes me ask, "Is Bruce a paid spokesperson for Forensics-Intl.com"
Additionally the author goes from very basic information to very complex information, leaving out very important middle information. I've been working with computers for more than 17 years and if I found this book to be somewhat cryptic, a newbie isn't going to understand any of the critical information that he/she should know before attempting to perform any kind of computer forensics.
Rating:
Summary: A Fantastic Book!!
Review: I've heard Bruce Middleton speak at international security conferences before and followed some of the articles he has written in the past on information security so when I noticed that he had written a book on investigating computer security incidents (CyberForensics), I knew it would be a great book to have. I was not disappointed. This is definitely a book for professionals in this field (like he says...it's a field book...something you take to the field with you for reference). Someone new to the field would also get alot out of the book if they have access to the professional level software he uses throughout the book (outstanding software from Guidance Software [EnCase], NTI [their computer forensics tool suite] and AccessData [their FTK = Forensics ToolKit] ). Even if you don't have the software currently and you want to break into this field, it's a great book to buy due to the fact that he goes into detail explaing various process, procedures, methodologies, etc that firmly relate to solving computer related crimes. I also understand that he is holding hands-on training classes with this software and using this book as the foundation. Bottom line...this book is an excellent "must have" for a CyberForensics professional working in the field and a great read for those wishing to break into this field.
<< 1 >>
| 
